From 330e8c8352eb0ed3c178ac6e0102403c0a835492 Mon Sep 17 00:00:00 2001
From: Jason Miller <jason@milr.com>
Date: Thu, 5 Jul 2018 20:53:51 -0700
Subject: [PATCH] Support urandom inside chroot

This adds a new default entropy function that uses a /dev/urandom stream
opened before the chroot.  If initializing that fails, it fallsback on
HAVEGE only if HAVEGE is supported by the mbedTLS.

This should remove the hard requirement on HAVEGE

resolves #326
resolves #327

[Upstream status: https://github.com/mongrel2/mongrel2/pull/328]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 src/mongrel2.c |  7 -------
 src/server.c   | 36 +++++++++++++++++++++++-------------
 2 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/src/mongrel2.c b/src/mongrel2.c
index da632d95..48ece8a5 100644
--- a/src/mongrel2.c
+++ b/src/mongrel2.c
@@ -404,13 +404,6 @@ void taskmain(int argc, char **argv)
     rc = attempt_chroot_drop(srv);
     check(rc == 0, "Major failure in chroot/droppriv, aborting."); 
 
-    // set up rng after chroot
-    // TODO: once mbedtls is updated, we can move this back into Server_create
-    if(srv->use_ssl) {
-        rc = Server_init_rng(srv);
-        check(rc == 0, "Failed to initialize rng for server %s", bdata(srv->uuid));
-    }
-
     final_setup();
 
     taskcreate(tickertask, NULL, TICKER_TASK_STACK);
diff --git a/src/server.c b/src/server.c
index 45761db4..e44e199b 100644
--- a/src/server.c
+++ b/src/server.c
@@ -149,35 +149,45 @@ static int Server_load_ciphers(Server *srv, bstring ssl_ciphers_val)
     return -1;
 }
 
+static int urandom_entropy_func(void *data, unsigned char *output, size_t len)
+{
+    FILE* urandom = (FILE *)data;
+    size_t rc = fread(output, 1, len, urandom);
+
+    if (rc != len) return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+
+    return 0;
+}
+
 int Server_init_rng(Server *srv)
 {
     int rc;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
     void *ctx = NULL;
 
-    mbedtls_entropy_init( &srv->entropy );
+    FILE *urandom = fopen("/dev/urandom","r");
 
-    // test the entropy source
-    rc = mbedtls_entropy_func(&srv->entropy, buf, MBEDTLS_ENTROPY_BLOCK_SIZE);
-
-    if(rc == 0) {
+    if(urandom != NULL) {
         ctx = calloc(sizeof(mbedtls_ctr_drbg_context), 1);
 
         mbedtls_ctr_drbg_init((mbedtls_ctr_drbg_context *)ctx);
         rc = mbedtls_ctr_drbg_seed((mbedtls_ctr_drbg_context *)ctx,
-            mbedtls_entropy_func, &srv->entropy, NULL, 0);
+            urandom_entropy_func, urandom, NULL, 0);
         check(rc == 0, "Init rng failed: ctr_drbg_init returned %d\n", rc);
 
         srv->rng_func = mbedtls_ctr_drbg_random;
         srv->rng_ctx = ctx;
     } else {
-        log_warn("entropy source unavailable. falling back to havege rng");
 
+#if defined(MBEDTLS_HAVEGE_C)
+        log_warn("entropy source unavailable. falling back to havege rng");
         ctx = calloc(sizeof(mbedtls_havege_state), 1);
         mbedtls_havege_init((mbedtls_havege_state *)ctx);
-
         srv->rng_func = mbedtls_havege_random;
         srv->rng_ctx = ctx;
+#else
+        log_err("Unable to initialize urandom entropy source, and mbedTLS compiled without HAVEGE");
+        goto error;
+#endif
     }
 
     return 0;
@@ -278,10 +288,10 @@ Server *Server_create(bstring uuid, bstring default_host,
 
     // TODO: once mbedtls supports opening urandom early and keeping it open,
     //   put the rng initialization back here (before chroot)
-    //if(use_ssl) {
-    //    rc = Server_init_rng(srv);
-    //    check(rc == 0, "Failed to initialize rng for server %s", bdata(uuid));
-    //}
+    if(use_ssl) {
+        rc = Server_init_rng(srv);
+        check(rc == 0, "Failed to initialize rng for server %s", bdata(uuid));
+    }
 
     if(blength(chroot) > 0) {
         srv->chroot = bstrcpy(chroot); check_mem(srv->chroot);
